[ad_1]
A spyware campaign using tools from a secretive Israeli firm was used to attack and impersonate dozens of human rights activists, journalists and others. — Photo: © AFP
The UK government has identified cybersecurity as a Tier 1 threat level alongside natural disasters, war and terrorism. However, it is not only at the national level where the threat is posed, in fact, businesses are at a real risk as well.
With this, increased threat comes an even greater demand for cybersecurity expertise. Yet supply cannot keep up with demand as we face a global cybersecurity skills shortage. So how do we fix the problem? Of course, encouraging people to join the industry and increase training is one option, but it only solves the long-term issue.
These issues have been considered by Cody Cornell, CSO at Swimlane. Cornell’s thesis is that rapid digitalisation has helped businesses stay afloat during a turbulent last few years, it has also exposed them to increased vulnerabilities that malicious actors can exploit. The solution, to Cornell, is with automation.
This is in the context of an expanding threat level. Cornell describes: “This increased exposure comes at a time when cybersecurity threats across the globe continue to grow at an alarming rate. According to the latest Blackberry Global Threat Intelligence Report, the number of unique attacks using new malware samples skyrocketed by 50 percent from December 2022 to February 2023, with up to 12 attacks per minute observed.”
More specifically, Cornell cites: “In the UK, where cybersecurity has been identified as a Tier 1 threat alongside terrorism, war and natural disasters, 32 percent of businesses have reported a breach or attack during the last 12 months.”
Drawing the conclusion, Cornell states: “In an environment like this, it’s clear that cybersecurity must be a significant priority for every business. However, a more significant roadblock stands in the way of an organisation’s ability to secure their business – the substantial shortage of cybersecurity skills and talent.”
The costs to businesses are clear, Cornell finds: “Cybercrime is expected to cost the world $10.5 trillion annually by 2025, and yet for years organisations have struggled to build the specialised skills to manage these growing threats.”
Yet despite this threat level, too many businesses are ill-prepared. According to Cornell: “Recent research from the UK government found that approximately 51 percent of businesses in the country have a “basic” cybersecurity skills gap. This has resulted in a lack of confidence to carry out fundamental tasks such as setting up configured firewalls, storing or transferring personal data, and detecting and removing malware.”
This rests with the quality of employee skills. Cornell observes: “Additionally, 33 percent of businesses in the UK are experiencing more advanced cybersecurity skills gaps in areas such as penetration testing, forensic analysis and security architecture, and 37 percent of businesses report an internal skills gap when it comes to incident response and recovery.”
As organisations create new and innovative ways of protecting their businesses, cyber criminals are working to combat every new defence.
There is a solution which Cornell identifies: “As such, many organisations find it difficult to meet the constantly shifting security demands of a digitalised world. But, there’s a simple solution that organisations can take advantage of to ensure robust security of their systems and processes despite the lack of access to cybersecurity talent: automation.”
Automation is, however, not an automatic shoe-in. Cornell notes: “There is still unease surrounding automation from those who believe implementing it will either create more work or remove people from the equation entirely. But, the reality is that low-code security automation can strategically up-level the existing security team by removing the mundane and repetitive tasks taking up the bulk of their time. By embracing this technology as a tool to support the security operations centre instead of replacing it, organisations can detect, identify and respond to threats faster while reducing human error and costs.”
[ad_2]
Source link
